﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;

namespace FaithCMS
{
    /// <summary>
    /// Plain holder for the four values needed to address a SQL Server database:
    /// database name, server, login and password.
    /// </summary>
    /// <remarks>
    /// Every member is a read/write string with no validation. The password is kept
    /// as an ordinary in-memory string; this type does nothing to protect it.
    /// </remarks>
    class DbConnection
    {
        /// <summary>Name of the database to connect to.</summary>
        public string DbName { get; set; }

        /// <summary>Host name or address of the database server.</summary>
        public string Server { get; set; }

        /// <summary>Login name presented to the database server.</summary>
        public string UserID { get; set; }

        /// <summary>Password for <see cref="UserID"/>, stored as plain text.</summary>
        public string Password { get; set; }
    }

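    /// <summary>
    /// Code-behind for the admin login page. Validates the credentials entered in the
    /// <c>Login1</c> control against the <c>users</c> table and, on success, transfers
    /// the request to the admin page.
    /// </summary>
    public partial class AdminLoginPage : System.Web.UI.Page
    {
        /// <summary>
        /// Hooks <see cref="Login1_Authenticate"/> to the login control on every page load.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            Login1.Authenticate += new AuthenticateEventHandler(Login1_Authenticate);
        }

        /// <summary>
        /// Handles the login control's Authenticate event: checks the submitted
        /// credentials and reports the outcome through <paramref name="e"/>.
        /// </summary>
        /// <param name="sender">The control raising the event.</param>
        /// <param name="e">Receives the authentication result in <c>Authenticated</c>.</param>
        protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
        {
            bool authenticated = SiteAuthentication(Login1.UserName, Login1.Password);
            e.Authenticated = authenticated;

            // If the user is valid, go to the admin backend.
            if (authenticated)
            {
                // NOTE(review): Server.Transfer ends this request inside the Authenticate
                // handler, so the Login control's own post-authentication steps (issuing
                // the forms-authentication ticket, redirecting) presumably never run, and
                // a server-side transfer does not re-run URL authorization for the target.
                // Confirm that AdminPage.aspx enforces an authenticated session on its own
                // and cannot simply be requested directly.
                Server.Transfer("~/Admin/AdminPage.aspx");
            }
        }

        /// <summary>
        /// Checks a user name / password pair against the <c>users</c> table.
        /// </summary>
        /// <param name="user">User name as submitted.</param>
        /// <param name="pass">Password as submitted.</param>
        /// <returns>
        /// <c>true</c> when a row exists whose <c>Username</c> and <c>Password</c> columns
        /// both equal the supplied values exactly (ordinal, case-sensitive); otherwise
        /// <c>false</c>.
        /// </returns>
        /// <remarks>
        /// The supplied arguments are used directly (the previous version ignored them and
        /// re-read the control). Only rows for the requested user name are fetched, through
        /// a parameterized query, instead of loading every account's password into the web
        /// process. The connection, command and reader are disposed even when a call throws.
        /// </remarks>
        private bool SiteAuthentication(string user, string pass)
        {
            // A null credential can never match a stored row.
            if (user == null || pass == null)
            {
                return false;
            }

            bool validUser = false;

            using (SqlConnection conn = new SqlConnection(BuildConnectionString()))
            using (SqlCommand comm = new SqlCommand(
                "SELECT Username, Password FROM users WHERE Username = @username", conn))
            {
                // The user name travels as a parameter, never as part of the SQL text.
                comm.Parameters.AddWithValue("@username", user);

                conn.Open();

                using (SqlDataReader reader = comm.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        // The database comparison may be case-insensitive depending on the
                        // column collation, so the exact match is still decided here.
                        //
                        // NOTE(security): the submitted password is compared directly with
                        // the stored column value, i.e. passwords are held in plain text.
                        // Store a salted, slow hash instead (for example PBKDF2 via
                        // Rfc2898DeriveBytes) and verify against that; this needs a schema
                        // and data migration and is therefore not done in this method.
                        if (user == reader["Username"].ToString()
                            && pass == reader["Password"].ToString())
                        {
                            validUser = true;
                        }
                    }
                }
            }

            return validUser;
        }

        /// <summary>
        /// Builds the SQL Server connection string used for the login lookup.
        /// </summary>
        /// <returns>A connection string for the <c>faith_cms</c> database.</returns>
        private static string BuildConnectionString()
        {
            // NOTE(security): these credentials are embedded in source and use `sa`, SQL
            // Server's built-in system-administrator login. Anyone who can read the source
            // or the compiled assembly gets full control of the database server. Move the
            // connection string to protected configuration, switch to a least-privilege
            // login that can only read the users table, and rotate this password because
            // it has been committed. The values are left as they were so that existing
            // deployments keep working until that change is made.
            DbConnection dbConn = new DbConnection();
            dbConn.DbName = "faith_cms";
            dbConn.UserID = "sa";
            dbConn.Password = "God!sGood";
            dbConn.Server = "Darren-PC";

            // The builder quotes values correctly, unlike manual concatenation.
            SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder();
            builder.DataSource = dbConn.Server;
            builder.UserID = dbConn.UserID;
            builder.Password = dbConn.Password;
            builder.InitialCatalog = dbConn.DbName;

            return builder.ConnectionString;
        }
    }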
}